bot@lemmy.smeargle.fansMB to Hacker News@lemmy.smeargle.fans · 5 months agoOpenSSL bug exposed up to 255 bytes of server heap and existed since 2011jbp.ioexternal-linkmessage-square1fedilinkarrow-up19arrow-down10file-text
arrow-up19arrow-down1external-linkOpenSSL bug exposed up to 255 bytes of server heap and existed since 2011jbp.iobot@lemmy.smeargle.fansMB to Hacker News@lemmy.smeargle.fans · 5 months agomessage-square1fedilinkfile-text
minus-squareqprimedlinkfedilinkarrow-up5·5 months ago SSL_select_next_proto` buffer overread celebrating a decade of publishing your heap over the internet ok, if that article tagline does not grab your attention, youre dead inside. tl;dr current exploit unlikely, but historical exploits possible. roll aging secrets and be cautious about the integrity of older session data.
ok, if that article tagline does not grab your attention, youre dead inside.
tl;dr